EP4241478A1 - Device and method for registering a user - Google Patents

Device and method for registering a user

Info

Publication number
EP4241478A1
EP4241478A1 EP21802822.3A EP21802822A EP4241478A1 EP 4241478 A1 EP4241478 A1 EP 4241478A1 EP 21802822 A EP21802822 A EP 21802822A EP 4241478 A1 EP4241478 A1 EP 4241478A1
Authority
EP
European Patent Office
Prior art keywords
registration code
user
data
registration
identification data
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Withdrawn
Application number
EP21802822.3A
Other languages
German (de)
English (en)
French (fr)
Inventor
Aleardo Furlani
Alessio GUGLIOTTA
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Aleardo Furlani Start Up Costituita A Norma Srl
Original Assignee
Aleardo Furlani Start Up Costituita A Norma Srl
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Aleardo Furlani Start Up Costituita A Norma Srl filed Critical Aleardo Furlani Start Up Costituita A Norma Srl
Publication of EP4241478A1 publication Critical patent/EP4241478A1/en
Withdrawn legal-status Critical Current

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/08Access security
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/06Authentication
    • H04W12/068Authentication using credential vaults, e.g. password manager applications or one time password [OTP] applications
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/40Security arrangements using identity modules
    • H04W12/47Security arrangements using identity modules using near field communication [NFC] or radio frequency identification [RFID] modules
    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07CTIME OR ATTENDANCE REGISTERS; REGISTERING OR INDICATING THE WORKING OF MACHINES; GENERATING RANDOM NUMBERS; VOTING OR LOTTERY APPARATUS; ARRANGEMENTS, SYSTEMS OR APPARATUS FOR CHECKING NOT PROVIDED FOR ELSEWHERE
    • G07C1/00Registering, indicating or recording the time of events or elapsed time, e.g. time-recorders for work people
    • G07C1/02Registering, indicating or recording the time of events or elapsed time, e.g. time-recorders for work people not involving the registering, indicating or recording of other data
    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07CTIME OR ATTENDANCE REGISTERS; REGISTERING OR INDICATING THE WORKING OF MACHINES; GENERATING RANDOM NUMBERS; VOTING OR LOTTERY APPARATUS; ARRANGEMENTS, SYSTEMS OR APPARATUS FOR CHECKING NOT PROVIDED FOR ELSEWHERE
    • G07C9/00Individual registration on entry or exit
    • G07C9/20Individual registration on entry or exit involving the use of a pass
    • G07C9/28Individual registration on entry or exit involving the use of a pass the pass enabling tracking or indicating presence
    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07CTIME OR ATTENDANCE REGISTERS; REGISTERING OR INDICATING THE WORKING OF MACHINES; GENERATING RANDOM NUMBERS; VOTING OR LOTTERY APPARATUS; ARRANGEMENTS, SYSTEMS OR APPARATUS FOR CHECKING NOT PROVIDED FOR ELSEWHERE
    • G07C9/00Individual registration on entry or exit
    • G07C9/30Individual registration on entry or exit not involving the use of a pass
    • G07C9/32Individual registration on entry or exit not involving the use of a pass in combination with an identity check
    • G07C9/37Individual registration on entry or exit not involving the use of a pass in combination with an identity check using biometric data, e.g. fingerprints, iris scans or voice recognition
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/60Context-dependent security
    • H04W12/63Location-dependent; Proximity-dependent

Definitions

  • the present invention relates to the technical sector of systems for the certification/ authentication of the presence and identity, including by identifying biometric data, of a person at a given location and at a given time.
  • the present invention relates to a device and a method for registering the presence of an individual in a place and at a determined time.
  • the place in question may be any place in which it is necessary or of interest to register the identity of persons entering it, by way of example and without limiting the scope of the invention, such places of interest may comprise commercial premises, hospitals, museums, public offices and private homes.
  • the presence of an employee is usually verified by reading a badge which records the identity of the person carrying out the operation, also storing the time in which it is carried out.
  • the identity and the data of interest of the user are all pre-registered in a company database, in such a way as to be able to correctly associate each individual badge with a specific employee.
  • the recording is currently carried out by means of a manual entering, by an operator, of the information useful for identifying the user who accesses the place.
  • the technical purpose which forms the basis of this invention is to provide a registration device and method which obviate at least some of the above-mentioned drawbacks in the cited prior art.
  • the aim of the present invention is to provide a registration device and method which enable the registering of the accesses to be performed rapidly and with precision, that is to say, an event relative to a user in a given place and time, while at the same time protecting privacy.
  • the technical purpose indicated and the specified aims are substantially achieved by a registration device and a method comprising the technical features described in one or more of the appended claims.
  • the present invention describes a device for registering a user which comprises an acquisition module, a storage module, an encoding module and a transmission module.
  • the acquisition module is configured for acquiring a plurality of identification data of the user.
  • the storage module is configured for storing at least a part of the identification data acquired by means of the acquisition module, i.e. generating and storing a new identification code of the event.
  • the encoding module is configured for encrypting at least a part of the plurality of identification data and for generating a registration code representing the data and code.
  • the transmission module is configured for transmitting the registration code by means of a wireless communication protocol.
  • the device described herein makes it possible to generate and transmit, quickly and easily, a code that is such as to enable unique identification of an individual after having at least partly encrypted the data which identify him or her in respect of the privacy thereof.
  • This present invention also relates to a registration system which comprises a registration device and a receiver device.
  • the registration device is configured for acquiring, storing, encoding and transmitting identification data of a user.
  • the registration device is a device in accordance with the present invention.
  • the receiver device is configured to receive, by means of a wireless transmission protocol, the registration code transmitted by the registration device and to store the identification code.
  • this registration system allows the user's data to be quickly acquired without requiring a lengthy and laborious manual acquisition by an operator.
  • the invention also relates to a registration method which is carried out by acquiring a plurality of identification data of the user.
  • the collected data is then encrypted at least partly and used to generate a registration code.
  • the registration code can therefore be transmitted to a receiver device which stores it in order to register the user.
  • this method allows the presence of a user to be quickly recorded, while at the same time respecting the user’s privacy, since at least some of the data which identify him or her are encrypted.
  • FIG. 1 is a schematic view of a system which uses the device according to the present invention.
  • reference numeral 1 generically denotes a registration device, to which reference will hereinafter be made below simply as the device 1.
  • registration is used to mean in general any activities designed or entered in a special register for administrative, commercial, juridical or statistical use of one or more items of data which makes it possible to uniquely identify a user.
  • the registration makes it possible to identify the presence of the user inside a place at a given time.
  • the device 1 comprises an acquisition module 2, a storage module 3, an encoding module 4 and a transmission module 5.
  • the acquisition module 2 is configured for acquiring a plurality of identification data of the user.
  • the identification data may comprise any type of information such as to make it possible to uniquely identify the user, whether considered individually or in combination with other data.
  • the plurality of identification data may comprise information relating to the user belonging to one or more of the following categories: personal data (name, name, place of birth, date of birth), biometric data (a scan of a fingerprint, photographs, voice recordings), alphanumeric data associated with the user (tax code, identity card code or health card, codes associated with credit/debit cards or current accounts).
  • the acquisition module 2 comprises one or more devices configured for acquiring one or more respective data of interest.
  • the acquisition module 2 can comprise a biometric recognition system configured for acquisition thereof, such as, for example, a fingerprint reader, an audio acquisition device, a video acquisition device.
  • the acquisition module 2 may also comprise or be connectable to a user interface which allows the user to enter or edit data of a personal or alphanumeric type, such as, for example, a touch screen.
  • the acquisition device 2 is configured for acquiring a plurality of identification data of the user which comprise at least one sensitive item of data.
  • sensitive data is used to mean data the collection and processing of which is subject to the consent of the user to whom that data refers and/or to the prior authorisation of an authority which regulates and protects the user's privacy in accordance with the current regulations.
  • sensitive data is used to mean any data which the user does not wish to share openly with third parties.
  • the identification data collected by the acquisition module 2 can be completely or at least partly stored inside the storage module 3.
  • all the data acquired by the acquisition module 2 can be stored.
  • the storage module 3 can advantageously be edited to allow the user to enter and modify the identification data and/or to identify determined identification data as sensitive data.
  • the user has the right to select which identification data stored in the storage module 3 is to be considered as sensitive data and which is not.
  • the user could indicate that a predetermined identification data time containing medical information (such as, for example, the blood group of the user) must be considered as sensitive in a certain context (for example, for carrying out a registration in one commercial activity) but not in another (for example for registering an access to a hospital).
  • a predetermined identification data time containing medical information such as, for example, the blood group of the user
  • the storage module 3 comprises a legible and editable storage support, which allows the user to write, modify and read the information contained inside it.
  • some of the information contained in the identification data which has been acquired and stored by the respective modules may be of a sensitive personal nature or in any case the user might not wish to have it open to view, that is to say, it might not be desirable for them to be shared in a form immediately and easily interpreted or recognised by third parties.
  • At least a part of the plurality of identification data which is acquired and stored by the respective modules is encrypted by the encoding module 4.
  • the encoding operation may be performed on all the sensitive data acquired/representable and stored/stored by the respective modules, or only on a sub-set thereof.
  • the encoding may be performed only on the data identified as sensitive or on any other sub-set or group of identification data sub-sets according to the requirements of the user.
  • the storage module can be edited to allow the user to identify certain identification data or determined groups of identification data as the data which must be encrypted by the encoding module 4.
  • the encoding module 4 is further configured for generating a registration code representing the plurality of identification data.
  • the encoding module 4 processes the identification data of the user, encrypting what the user does not wish to share freely and at the same time generates a code representing all the user identification data (encrypted and not).
  • the registration code might only contain a contact address (for example, an electronic mail address or a telephone address) of the user in order to make it contactable by the establishment in which all further identification data has been recorded and kept encrypted, allowing it to be unambiguously identified (name, surname, address, data for execution and authorisation of payments).
  • a contact address for example, an electronic mail address or a telephone address
  • the registration code can therefore be transmitted by means of the transmission module 5 and shared by the user for recording its presence in a place or at a service establishment.
  • the transmission module 5 is configured for sharing the registration code in such a way as to rapidly and easily register the user.
  • the registration code uniquely identifies the user without the need to acquire the data which identifies him or her one by one using a manual process. Further, at least part of the data is encoded in such a way as to respect the user's privacy, and the option of selecting which data is to be encrypted and which is not means that the device 1 can be rapidly adapted to any updates and modifications set by the legislator with respect to privacy regulations.
  • the transmission module 5 is configured to transmit the registration code by means of a wireless communication protocol.
  • the transmission module 5 can comprise a wireless antenna configured for transmitting the registration code via a Wi-Fi® or Bluetooth® protocol or via the mobile phone network.
  • the acquisition module 2 can comprise an input device which can be used by the user to activate the transmission module 5 in such a way as to start the transmission of the registration code.
  • the interaction of the user with the input device can allow the user to also activate different functions such as, for example, starting the acquisition or modification of determined identification data.
  • the input device comprises a fingerprint reader configured to detect a fingerprint of the user and to activate the transmission of the registration code only if the fingerprint detected corresponds with a reference fingerprint.
  • the reference digital impression may preferably be a fingerprint previously acquired and stored in the storage module 3.
  • the duration of the user's finger remaining on the fingerprint reader could be associated with the activation of different modules and processes of the device 1.
  • the acquisition module 2 can also comprise a position detector and/or a clock, which are configured to detect, respectively, a geographical position and a time in which a transmission of the registration code is carried out.
  • the device 1 is able not only to identify the user but also the geographical localisation and the time at which the registration procedures are carried out.
  • the encoding module is configured for generating a registration code also representing the geographical position and/or the time at which the transmission of the registration code is carried out.
  • the registration code which is transmitted by the transmission module 5 makes it possible to uniquely identify who caused the generation of the registration code, as well as the time and the place at the moment the registration code was sent.
  • This aspect is particularly advantageous if the device 1 is used to register the user at an online service (purchases in on-line shops or registration for courses, examinations, seminars and conferences), as the identification of the time and place where the procedure is carried out allows certification of the registration being carried out at the correct time and by the user to whom the identification data belong.
  • the registration code contains localisation data which indicates a particularly distant geographical position (for example, a different nation) an attempt to register might be under way by a person other than the user to whom the identification data belong.
  • This situation could, for example, trigger further authentication procedures using different means or lead to the unsuccessful termination of the registration procedure.
  • the registration code may also be stored inside the storage module 3 in such a way that the user can keep track of every time that he or she has shared the registration code, where it was located and the time at which the transmissions occurred.
  • the invention advantageously attains the preset aims, overcoming the drawbacks of the prior art by providing the user with a registration device 1 which is able to quickly and securely share the identification data of the user, while at the same time respecting privacy.
  • the present invention also relates to a registration system 100 which comprises a registration device 1 and a receiver device 6.
  • the registration device 1 is preferably made in accordance with one or more of the technical characteristics identified and analysed in the foregoing.
  • the device 1 is configured for generating and transmitting a registration code identifying at least one identification data of a user.
  • the receiver device 6 is configured to receive the registration code by means of a transmission performed via a wireless transmission protocol.
  • the receiver device 6 can be coupled to the device 1 to receive the registration code therefrom. Further, the receiver device 6 is configured for storing the identification code.
  • the receiver device 6 can store the registration code received by the device 1 locally and/or remotely.
  • the receiver device 6 may comprise an internal memory 7a which is readable and editable and in which the registration code is stored and/or which can be connected to a remote storage system 7b.
  • the remote storage system 7b may comprise a remote server, a cloud, a shared data structure (such as, for example, a blockchain) or any combination thereof.
  • the receiver device 6 can be installed or incorporated or can correspond with a management system of the place in which the entries of the various users who travel there for reasons of security, statistical analysis or public order are to be registered.
  • the registration of the users may be performed automatically without wasting the working time of an operator who would otherwise have to manually enter them in the management system.
  • the receiver device 6 may be connected or connectable to a certifying body which is able to check and certify the authenticity of the registration code.
  • the certifying body may be a public or private body which is required to authenticate the registration code, in particular to verify that the registration code is an authentic code that effectively contains data suitable for identifying a specific user.
  • the certifying body is designed to autonomously and automatically decrypt the registration code received for a verification, but simply means that it is able to do so and recognise that the code satisfies certain authenticity standards defined, for example, on the basis of determined markers present in the code and/or in respect of predetermined rules of composition and encryption of the code. In this way, should it be necessary for the needs of public order, access to all the identification data encrypted in the registration code would have the option of interfacing with the certifying body to obtain the data.
  • the device 1 is shown as divided into separate functional modules (acquisition module 2 or storage module 3, and so on) for the sole purpose of describing the functionality in a clear and complete manner.
  • the device 1 may, in one case, consist of a single electronic device, suitably programmed to perform the functions described and the various modules can correspond to hardware units and/or software routines forming part of the programmed device 1.
  • the functions can be performed by a plurality of electronic devices on which the above-mentioned functional modules can be distributed.
  • the processing unit may also be equipped with one or more processors for carrying out the instructions which are advantageously contained in the storage module 3 and in such a way as to carry out a registration method as described below.
  • the above-mentioned functional modules may also be distributed on different computers, either locally or remotely, on the basis of the architecture of the network on which they are housed.
  • the present invention also relates to a registration method which allows the identity of a user to be recorded and certified in a fast and efficient manner.
  • the method described here can be performed in a particularly high-performing manner by using a device 1 and a registration system 100 characterised by one or more of the technical features described in the foregoing.
  • the method is performed by acquiring a plurality of identification data of the user.
  • This acquisition may be performed only once after which the identification data is stored or can be acquired any number of times both for the addition of further identification data and for their updating, or for performing a verification that one or more item of identification data is consistent with and compliant with the previously stored data.
  • At least a part of the identification data acquired is then encrypted so as to protect the user's privacy.
  • the selection of which data is encrypted and which is not encrypted can be set by the user according to his requirements and the type of registration operation he wishes to carry out.
  • the method comprises identifying as sensitive data at least one item of user identification data and the encoding of the identification data is performed by encrypting only the sensitive data.
  • the plurality of data (both encrypted and accessible if present) is therefore used to generate a registration code which represents them and which is transferred to a receiver device 6.
  • the receiver device 6 stores the registration code in such a way as to register the user, which is uniquely identified by the information contained in the registration code.
  • the storage of the registration code can advantageously be performed by storing the registration code in a blockchain.
  • the registration of the user may also be accompanied by a verification of the authenticity of the code, preferably by subjecting the code to a control by a certifying body.
  • the identity of the user can also be checked, for example, by also subjecting the registration code to a check by a certifying body.
  • the certifying body can perform a double control aimed at authenticating not only the code itself, but also the identity of the person who requested the registration.
  • the method may comprise the acquisition of an item of biometric data of the user and the above-mentioned verification steps can be performed by comparing the biometric data acquired with a corresponding reference data stored in a database of the certifying body.
  • Both the biometric data and the reference data may be data encrypted in such a way as not to allow access to them by unauthorised third parties.
  • biometric data may also be used to activate/authorise the transmission of the reference code.
  • the step of transmitting the registration code may be carried out only after a positive compliance verification between the biometric data and the reference data.
  • the reference data may also be an item of data stored locally in a registration device 1 such as the one described here.
  • the generation of the registration code can preferably also be performed by taking into account the place and time in which the registration procedure is performed, that is to say, the transmission of the registration code.
  • the method described here advantageously overcomes the drawbacks of the prior art since it enables the data of the user to be quickly shared while at the same time encoding the data which the user does not wish to be accessible to all.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Storage Device Security (AREA)
  • Electrical Discharge Machining, Electrochemical Machining, And Combined Machining (AREA)
  • Electrotherapy Devices (AREA)
  • Diaphragms For Electromechanical Transducers (AREA)
  • Collating Specific Patterns (AREA)
EP21802822.3A 2020-11-06 2021-11-03 Device and method for registering a user Withdrawn EP4241478A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
IT102020000026521A IT202000026521A1 (it) 2020-11-06 2020-11-06 Dispositivo e metodo di registrazione
PCT/IB2021/060155 WO2022097028A1 (en) 2020-11-06 2021-11-03 Device and method for registering a user

Publications (1)

Publication Number Publication Date
EP4241478A1 true EP4241478A1 (en) 2023-09-13

Family

ID=74347540

Family Applications (1)

Application Number Title Priority Date Filing Date
EP21802822.3A Withdrawn EP4241478A1 (en) 2020-11-06 2021-11-03 Device and method for registering a user

Country Status (3)

Country Link
EP (1) EP4241478A1 (it)
IT (1) IT202000026521A1 (it)
WO (1) WO2022097028A1 (it)

Family Cites Families (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
FR3007171B1 (fr) * 2013-06-14 2019-08-23 Idemia Identity And Security Procede de controle de personnes et application a l'inspection des personnes
US11321983B2 (en) * 2018-06-26 2022-05-03 Veriscan, Llc System and method for identifying and verifying one or more individuals using facial recognition
JP7238346B2 (ja) * 2018-11-02 2023-03-14 日本電気株式会社 情報処理装置、情報処理装置の制御プログラムおよび通信端末

Also Published As

Publication number Publication date
WO2022097028A1 (en) 2022-05-12
IT202000026521A1 (it) 2022-05-06

Similar Documents

Publication Publication Date Title
US9864992B1 (en) System and method for enrolling in a biometric system
US8275995B2 (en) Identity authentication and secured access systems, components, and methods
CN1623167B (zh) 安全许可卡,读取安全许可卡的系统和方法
US9100826B2 (en) Method and apparatus for secure access payment and identification
CN100587728C (zh) 用于实现对对象或者业务的访问的方法和系统
US20070175986A1 (en) System and method for nameless biometric authentication and non-repudiation validation
US20030086594A1 (en) Providing identity and security information
JP6897953B2 (ja) 入場受付端末、入場受付方法、入場受付プログラム、および入場受付システム
CN112005231A (zh) 生物特征认证方法、系统和计算机程序
US20060000901A1 (en) Apparatus for reading standardized personal identification credentials for integration with automated access control systems
CN112734248A (zh) 一种房地产智能管理系统
US20070067330A1 (en) Security method for verifying and tracking service personnel
EP4241478A1 (en) Device and method for registering a user
US20100235382A1 (en) Identification and authorization system
AU2014100797A4 (en) Driver licence and other identification card and identity verification system
CN108492214B (zh) 一种移动终端、服务器、管理系统、自助入住系统
WO2012178186A1 (en) Identification and authentication system and method
CN106203166A (zh) 一种汽车导航信息数据共享方法
JP2013235549A (ja) 電子投票システム
CN115664689A (zh) 一种互联网身份核验服务系统
EP2027552A2 (en) Universal secure registry
Base IT security success for US-based biometric suppliers
CA2577843A1 (en) Electronic identification system for form location, organization, and endorsment
FR2808146A1 (fr) Procede de controle de l'identite d'une personne effectuant une transaction sur un site d'un reseau tel que le reseau internet

Legal Events

Date Code Title Description
STAA Information on the status of an ep patent application or granted ep patent

Free format text: STATUS: UNKNOWN

STAA Information on the status of an ep patent application or granted ep patent

Free format text: STATUS: THE INTERNATIONAL PUBLICATION HAS BEEN MADE

PUAI Public reference made under article 153(3) epc to a published international application that has entered the european phase

Free format text: ORIGINAL CODE: 0009012

STAA Information on the status of an ep patent application or granted ep patent

Free format text: STATUS: REQUEST FOR EXAMINATION WAS MADE

17P Request for examination filed

Effective date: 20230508

AK Designated contracting states

Kind code of ref document: A1

Designated state(s): AL AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HR HU IE IS IT LI LT LU LV MC MK MT NL NO PL PT RO RS SE SI SK SM TR

DAV Request for validation of the european patent (deleted)
DAX Request for extension of the european patent (deleted)
STAA Information on the status of an ep patent application or granted ep patent

Free format text: STATUS: THE APPLICATION IS DEEMED TO BE WITHDRAWN

18D Application deemed to be withdrawn

Effective date: 20240103